Agent VM

Container-based runtime with an embedded MCP resolver providing sandboxed filesystem and shell access for AI agents.

Agent VM provides a Docker-based sandboxed Linux environment with filesystem and shell access exposed through a standard MCP Streamable HTTP interface. The embedded resolver offers file listing, reading with automatic chunking for large files, writing with auto-created parent directories, and shell command execution with real-time SSE streaming of output. Security is enforced through seven independent layers including configurable security modes (strict, moderate, permissive), command whitelisting and blacklisting, argument validation, direct execution without shell interpretation, and comprehensive audit logging.